diff --git a/server/sandbox_remove.go b/server/sandbox_remove.go
index 15f4f2066a1..2bf2065eadb 100644
--- a/server/sandbox_remove.go
+++ b/server/sandbox_remove.go
@@ -78,6 +78,11 @@ func (s *Server) RemovePodSandbox(ctx context.Context, req *types.RemovePodSandb
 		}
 	}
 
+	// Cleanup network resources for this pod
+	if err := s.networkStop(ctx, sb); err != nil {
+		return errors.Wrap(err, "stop pod network")
+	}
+
 	s.removeInfraContainer(podInfraContainer)
 	podInfraContainer.CleanupConmonCgroup()
 
diff --git a/test/network.bats b/test/network.bats
index 862c78cdf61..934a02fe426 100644
--- a/test/network.bats
+++ b/test/network.bats
@@ -1,5 +1,7 @@
 #!/usr/bin/env bats
 
+# vim:set ft=bash :
+
 load helpers
 
 function setup() {
@@ -140,3 +142,29 @@ function check_networking() {
 
 	check_networking
 }
+
+@test "Clean up network if pod sandbox gets killed" {
+	start_crio
+
+	CNI_RESULTS_DIR=/var/lib/cni/results
+	POD=$(crictl runp "$TESTDATA/sandbox_config.json")
+
+	# CNI result is there
+	# shellcheck disable=SC2010
+	[[ $(ls $CNI_RESULTS_DIR | grep "$POD") != "" ]]
+
+	# kill the sandbox
+	runtime kill "$POD" KILL
+
+	# wait for the pod to be killed
+	while crictl inspectp "$POD" | jq -e '.status.state != "SANDBOX_NOTREADY"' > /dev/null; do
+		echo Waiting for sandbox to be stopped
+	done
+
+	# now remove the sandbox
+	crictl rmp "$POD"
+
+	# CNI result is gone
+	# shellcheck disable=SC2010
+	[[ $(ls $CNI_RESULTS_DIR | grep "$POD") == "" ]]
+}